10 enterprise secure remote access best practices
Remote access is a critical necessity in today's work-from-anywhere environment. It's also incredibly risky. But there are ways to protect assets and combat potential attacks.
Karen (Scarfone) Kent's Publications
Welcome! This site has links to all of my online publications. Sign up to get a weekly email update when I release something new.
Top vulnerability scanning tools for security teams
Use these vulnerability scanning tools to find weaknesses and potential exploits in web applications, IT and cloud infrastructure, IoT devices and more.
Comparison of 5 top next-generation firewall vendors
This article outlines key features and capabilities that CISOs and security decision-makers should consider when evaluating modern NGFWs and examines five top firewall options.
How to reduce false positive alerts and increase cybersecurity
False positives in cybersecurity detection tools drain resources and distract from real threats. Once CISOs understand the root causes of false positives, they can implement strategies to reduce them.
How to Perform a Data Risk Assessment, Step by Step
Let's dig into what a data risk assessment is and how to perform one.
How to evaluate NGFW products to strengthen cybersecurity
Next-generation firewalls are critical tools in today's evolving threat landscape. Learn how to evaluate and select an NGFW that will bolster your company's cybersecurity posture.
Data Classification Practices
This guide, Data Classification Practices, demonstrates how organizations can discover, identify, and label unstructured data using data classification practices.
10 Types of Information Security Threats for IT Teams
Cybersecurity teams must be mindful at all times of the current threats their organization faces. While it's impossible to thwart every threat, stopping as many as possible and quickly detecting when they occur are both critical for reducing damage. Here are 10 types of threats that cybersecurity teams should focus on.
Top open source and commercial threat intelligence feeds
Let's take a closer look at cybersecurity threat intelligence feeds and highlight some leading options -- both open source and commercial.
5 deepfake detection tools to protect enterprise users
Let's look at five of the top tools that CISOs can use today to detect deepfake videos entering their organizations.
NIST's Secure Software Development Framework (SSDF) 1.2
The content updates from SSDF 1.1 to 1.2 are relatively small, but the changes in format and layout are significant, which makes it arduous to do a side-by-side comparison. To aid you in seeing what’s changed, we’ve created an annotated version. It highlights new content in green and changed content in orange (except for references). Each highlighted instance of changed content also has a callout box with the old text and the new text.
Five takeaways from NIST SP 800-70 update
To help public comment reviewers and anyone else interested in the details of the changes, we’ve done a side-by-side comparison of the revisions and identified the five most significant takeaways.
How to Create an Incident Response Playbook
Here's a look at what incident response playbooks accomplish, why they are important and how to use them.
Do AI chatbots tell the truth? Six-month follow-up
Six months ago, I tested five AI chatbots—ChatGPT, Claude, Copilot, Gemini, and Perplexity—to see how they performed when asked to provide a set of facts from a publicly available cybersecurity standard. The results were…not great.It’s time to repeat the tests and see how the chatbots’ performance has changed.
Integrating Cybersecurity and Enterprise Risk Management (ERM)
This document is intended to help individual organizations within an enterprise improve their cybersecurity risk information, shared through their enterprise’s ERM processes.
Draft SSDF 1.2
NIST has released the initial public draft of Special Publication (SP) 800-218r1 (Revision 1), Secure Software Development Framework (SSDF) Version 1.2: Recommendations for Mitigating the Risk of Software Vulnerabilities, per Executive Order 14306. This document describes new and improved practices, tasks, and examples for the secure and reliable development, delivery, and improvement of software.
Thanks, and best wishes for 2026!
You know when you make plans and life laughs out loud at them? That’s how 2025 has been for me.
Top 6 Data Loss Prevention Tools for 2026
Some DLP tools encompass the entire organization -- and these are the focus of this article. First, let's discuss some must-have features and capabilities. Then, take a close look at six enterprise DLP tools for the information needed when evaluating the best product for your company's needs.
Trusted IoT Device Network-Layer Onboarding and Lifecycle Management
This guide shows how to provide network credentials to IoT devices in a trusted manner and maintain a secure device posture throughout the device lifecycle, thereby enhancing IoT security in alignment with the IoT Cybersecurity Improvement Act of 2020.
Towards Automating IoT Security: Implementing Trusted Network-Layer Onboarding
This document provides an overview of trusted Internet of Things (IoT) device network-layer onboarding—a capability for securely providing IoT devices with their local network credentials in a manner that helps to ensure that the network is not put at risk as new IoT devices are connected to it. Additionally, the paper demonstrates the security benefits of trusted network-layer onboarding and how it can address problems with current IoT device onboarding practices.
5 steps for a smooth SIEM implementation
Thoughtful and strategic planning can make the difference between a rocky and smooth deployment. If you've recently purchased SIEM technology or are in the process of doing so, let's examine some best practices for implementation.
In-depth Q&A on federal cybersecurity writing
Earlier this fall, I did a Q&A session on my experiences writing for NIST. Last week I did a follow-up Q&A session that went into more detail on my NIST and FedRAMP writing.
SIEM benefits and features in the modern SOC
Let's explore key features and benefits of the modern SIEM.
7 top deception technology vendors for active defense
This article presents key factors to consider and features to look for when purchasing cyber deception technologies, along with a list of some of the top deception technology vendors.
Load More